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Listing of the Claims 

1 . (Original) A single sign-on authentication system, comprising: 

an authentication component that determines whether a user is authenticated, and, if it is 
determined that the user is authenticated, generates a connection request; 

an interface component that receives the connection request from the authentication 
component, the connection request including an identifier and entitlement information; wherein 
the interface component compares the received identifier with an expected identifier and, if they 
match, makes the entitlement information available to a server associated with the interface 
component, 

wherein the interface component comprises a request processor configured to assign one 
or more resources accessible by the authenticated user, based at least in part on the entitlement 
information. 

2. (Original) The single sign-on authentication system of claim 1, wherein the entitlement 
information is different from information used to authenticate the user. 

3. (Original) The single sign-on authentication system of claim 1, wherein the identifier 
includes an Internet Protocol (IP) address. 

4. (Original) The single sign-on authentication system of claim 2, wherein the 
authentication component determines the entitlement information based on the information used 
to authenticate the user. 

5. (Original) The single sign-on authentication system of claim 4, wherein the information 
used to authenticate the user includes one or more of a user identifier and a password. 

6. (Original) The single sign-on authentication system of claim 1, wherein the entitlement 
information is contained in a header portion of a data packet. 
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7. (Original) The single sign-on authentication system of claim 1, wherein the connection 
request is sent as an HTTP request. 

8. (Original) A method for enabling an authenticated user to connect to a server in a 
computer network, comprising: 

receiving a connection request for the authenticated user, the connection request 

including an identifier and entitlement information; 

comparing the received identifier with an expected identifier; and 

making the entitlement information available to the server, only if the result of the 

comparison is a match. 

9. (Original) The method of claim 8, wherein the entitlement information is different from 
information used to authenticate the authenticated user. 

1 0. (Original) The method of claim 8, wherein the received identifier includes an Internet 
Protocol (rP) address. 

1 1 . (Original) The method of claim 9, wherein the entitlement information is determined 
based on the information used to authenticate the user. 

12. (Original) The method of claim 1 1 , wherein the information used to authenticate the 
authenticated user includes one or more of a user identifier and a password. 

13. (Original) The method of claim 8, wherein the entitlement information is contained in a 
header portion of a data packet. 

14. (Original) The method of claim 8, wherein the connection request is sent as an HTTP 
request. 

15. (Original) A program storage device readable by a machine, tangibly embodying a 
program of instructions executable on the machine to perform method steps for enabling an 
authenticated user to connect to a server in a computer network, the method steps comprising: 
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receiving a connection request for the authenticated user, the connection request 

including an identifier and entitlement information; 

comparing the received identifier with an expected identifier; and 

making the entitlement information available to the server, only if the result of the 

comparison is a match. 
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